Regulation - EU

GDPR

Operational summary for teams that need to map lawful basis, respond to data subject rights, and maintain decision traceability.

1. Lawful basis per workflow

Use approval stages and required fields to register lawful basis per processing activity, aligning operations and evidence.

2. Data subject rights (Arts. 15-22)

DSAR workflows with SLA for access, rectification, portability, and deletion.
Clear assignment of owners by step and deadline.
Audit trail to demonstrate diligence and response execution.

3. Incidents and notification (Arts. 33-34)

Incident workflows with decision checkpoints help document investigation, impact, and required communications.

4. Governance and accountability

Role-based access controls and organization segregation.
Activity logs for sensitive actions and approvals.
Process versioning to track operational changes over time.

5. Important notice

This content is informational and does not constitute legal advice. Final compliance depends on lawful basis, configuration, and controller governance.

View privacy policy View DPA Back to security